Senior Offensive Security Consultant

As Senior Offensive Security Consultant in Dubex, you will work close with renowned cybersecurity experts to secure companies against cyberthreats and play a key role in shaping Dubex’ services within offensive security.

About Dubex
Dubex is Denmark’s leading business specialist on IT security, delivering and supporting security solutions on more than 500 locations around the world. For nearly 25 years, Dubex has helped private companies and public institutions in managing risks, adapting to change, and enabling growth.

Dubex culture
The company culture is based on the founder’s passion and curiosity for technology and cybersecurity. Their technical expertise and knowledge are great part of Dubex’ professional image and encourages everyone to live out their inner geek as an expression for true enthusiasm. To thrive, it is therefore central to bring a genuine professional interest for the subject, technical or not, as it is often the reason for people coming together and making a difference in their work.

Offensive Security Services
Offensive Security Services is a new team responsible for delivering value-driven high-quality services within offensive security. Services such as application pentesting, network pentesting, AD pentesting, endpoint pentesting, red teaming, vulnerability scanning and phishing campaigns. OSINT and IOT being potential additions to the portfolio.

You will join a team that initially will consist of you, another offensive security specialist and the team manager, although Offensive Security Services make use of capacities across the organization, working closely with skilled cybersecurity specialists in e.g., SOC and Cyber Defence Center (CDC). There is an environment of strong technical expertise, where help will always be available, when needed.

As part of a new team, you join the beginning of an interesting journey in Dubex, and a manager who invests time in how to create the best motivational working conditions for high performance. Besides flexible working hours, meetings will be held to a minimum to ensure least possible distractions.

The manager
You will refer to Head of Offensive Security Services, Lone Juul Dransfeldt Christensen, who has recently joined Dubex. She has extensive experience in penetration testing and vulnerability assessment/management from consulting and large IT companies, where she has worked in both specialist and management positions.

As a manager, Lone is dedicated to the delivery of high quality and the well-being of her team. To her, this is founded on an open and honest communication. She encourages people to be themselves and to share anything – also feedback on areas, where she can improve. She keeps a constant eye on the ball and expects her team to show initiative and motivation at work, as she will do her best to create the surroundings to support it. As a manager, Lone puts diversity and ‘the new workspace’ high on her list of values. She promotes diverse backgrounds as they provide flexible thinking and will use new scientific research to facilitate talks on best ways of working. She is at eye-level with everyone and focus on solving things together as a team.

The position
As Offensive Security Specialist in Dubex, you will work close with renowned cybersecurity experts to secure companies against cyberthreats and play a key role in shaping Dubex’ services within offensive security.

Your primary responsibility is to lead a variety of offensive security assignments e.g., penetration testing end-to-end with customers. You do not only ensure technical depth in your assessment, but a close dialogue with the customer about scoping, vulnerabilities and recommendations. Your ability to translate complex technical findings into a language understandable by the customer is clearly reflected in the reports, where findings and recommendations are presented in a concise and understanding language.

To keep focus, you will mainly be working one assignment at a time and develop your report during testing using automated tools. Working alongside passionate and technically skilled cybersecurity professionals, good peer review will always be close. You will also have a close sparring partner in your relation to your manager, whom you occasionally will team up with on given assignments.

With new emerging cyberattacks, your will collaborate closely with specialists in the Cyber Defence Center, sharing (live) insights on events and on behaviours of threat actors. In addition, to continuously improve services and internal processes, you will maintain a good dialogue with sales and marketing to understand external demands and to provide them with feedback that ensures high quality services throughout the customer journey.

It is a position, where curiosity, engagement and teamwork are highly valued, as you will experience a great influence on how to approach your tasks, and a great interest for new ideas and how to optimize services and procedures.

Working for a cybersecurity company founded on principles of knowledge-sharing and ‘joining forces’, you will be given time to do research within your field and participate on key industry conferences and events as the company’s offensive security specialist.

Primary responsibilities

• Perform penetration testing, vulnerability scans, red team engagements, vulnerability assessment and management etc. to improve customers overall security posture
• Technical report writing and documentation of red team and penetration testing activities
• Customer engagement to address concerns, issues, or escalations on findings
• Shape and improve offensive security services to enhance internal processes and ensure the best solutions for customers in close collaboration with the teams
• Research and presentations on key cybersecurity events

Professional qualifications

• Bachelor’s degree in a technical discipline (or equivalent work experience)
• 3+ years preferred of working experience in one or more of the following areas: penetration testing, threat intelligence, security control and vulnerability assessments, secure software development
• One or more certifications within offensive security e.g., OSCP, OSWP, OSEP, OSWA, OSWE, eCPPT, eCPTX, eWPT, eMAPT, CRTP
• Experience from an organization/position with a strong consulting presence is considered an advantage
• Security clearance

Personal competencies
Analytical with eye for detail. You place an emphasis on ensuring a good basis for decision making, where you ensure the necessary details and depth in your investigations of complex (technical) issues.

Initiative and proactive. You enjoy a busy environment, where you are able to take initiative and be productive. You are not afraid to challenge the existing way of doing things with a focus to optimize processes and services.

Communicative. You consider communication style based on audience with the ability to communicate highly technical findings to a non-technical audience clearly. You are comfortable with the preparation of documentation and reports.

Passionate and knowledge-seeking. You are passionate about cybersecurity and for attaining knowledge on new trends. You find it natural to seek answers to things you do not know and aspire to help set new standards within cybersecurity.

Authentic and convincing. You demonstrate professional and personal integrity towards stakeholders, customers, and co-workers from your strong virtue of being well-prepared, and the depth of your technical skills. Your argumentation have convincing effect.

We encourage all qualified applicants to apply regardless of age, sex, gender, gender identity or expression, sexual orientation, religion, country of origin or ethnicity.
Department: Gyngemose Parkvej 50, Søborg

Location: Søborg